package com.njqy.ticket.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@Api(tags = "测试接口")
@RestController
@RequestMapping("/test")
public class TestController {

    @ApiOperation("测试")
    @GetMapping("/cs1")
    public String cs(){
        return "this is cs no permission";
    }

    @ApiOperation("测试")
    @GetMapping("/cs2")
    @PreAuthorize("@ex.hasAuthority('m1')")
    public String cs2(){
        return "this is cs permission: m1";
    }

    @ApiOperation("测试")
    @GetMapping("/cs3")
    @PreAuthorize("@ex.hasAuthority('aaaaa')")
    public String cs3(){
        return "this is cs no permission: aaaaa";
    }

}
